1   package com.atlassian.security.auth.trustedapps.seraph.filter;
2   
3   import com.atlassian.security.auth.trustedapps.filter.AuthenticationController;
4   import com.atlassian.seraph.filter.BaseLoginFilter;
5   import com.atlassian.seraph.auth.RoleMapper;
6   
7   import javax.servlet.http.HttpServletRequest;
8   import java.security.Principal;
9   
10  /**
11   * Implementation of theh {@link AuthenticationController} to integrate with Atlassian Seraph.
12   */
13  public class SeraphAuthenticationController implements AuthenticationController
14  {
15      private final RoleMapper roleMapper;
16  
17      /**
18       * @param roleMapper the configured Seraph {@link RoleMapper} for the application.
19       * @throws IllegalArgumentException if the roleMapper is <code>null</code>.
20       */
21      public SeraphAuthenticationController(RoleMapper roleMapper)
22      {
23          if (roleMapper == null)
24          {
25              throw  new IllegalArgumentException("roleMapper must not be null!");
26          }
27          this.roleMapper = roleMapper;
28      }
29  
30      /**
31       * Checks the {@link RoleMapper} on whether or not the principal can login.
32       *
33       * @see AuthenticationController#canLogin(Principal, HttpServletRequest)
34       */
35      public boolean canLogin(Principal principal, HttpServletRequest request)
36      {
37          return roleMapper.canLogin(principal, request);
38      }
39  
40      /**
41       * Checks the request attibutes for the {@link BaseLoginFilter#OS_AUTHSTATUS_KEY}. Will return <code>true</code> if
42       * the key is not present.
43       */
44      public boolean shouldAttemptAuthentication(HttpServletRequest request)
45      {
46          return request.getAttribute(BaseLoginFilter.OS_AUTHSTATUS_KEY) == null;
47      }
48  }